oss-sec mailing list archives

CVE request: moodle 1.9.9/1.8.13 multiple vulnerabilities

From: Vincent Danen <vdanen () redhat com>
Date: Fri, 18 Jun 2010 14:14:08 -0600

Moodle 1.9.9 and 1.8.13 fix a few security issues:

http://docs.moodle.org/en/Moodle_1.9.9_release_notes
http://docs.moodle.org/en/Moodle_1.8.13_release_notes

Which address the following issues:

* MSA-10-0010 Persistent Cross Site Scripting vulnerability in the MNET access control interface
* MSA-10-0011 Cross Site Scripting vulnerability in blog/index.php
* MSA-10-0012 KSES Security Filter Bypassing vulnerability
* MSA-10-0013 Potential Cross Site Scripting vulnerability in Quiz reports

Could CVE names be assigned to these issues please?  Thanks!

--

Vincent Danen / Red Hat Security Response Team

Current thread:

CVE request: moodle 1.9.9/1.8.13 multiple vulnerabilities Vincent Danen (Jun 18)
- Re: CVE request: moodle 1.9.9/1.8.13 multiple vulnerabilities Josh Bressers (Jun 21)